Orlando, FL - April 7, 2005 - GTA released GNAT Box OS version 3.6 patch
level 2 (ver. 3.6.2) on April 7, 2005. This OS patch release includes
minor enhancements and fixes for issues identified since release of GNAT
Box OS version 3.6.1.
Full release notes are provided below.
GNAT Box OS version 3.6 patch level 2 will be available for download for
existing customers through the GTA on-line support center April 7, 2005,
and will ship preinstalled on new products beginning April 11, 2005.
Customers whose firewalls are currently registered through GTA's on-line
support center and have version 3.6.x or a current support contract, may
download the latest update and retrieve required activation codes at no
charge. Other customers should contact GTA sales or their authorized GTA
channel partner for purchase options for the version 3.6.2 upgrade.
Global Technology Associates, Inc.
GNAT BOX SYSTEMS SOFTWARE
VERSION 3.6.2
RELEASE NOTES
Author: Global Technology Associates, Inc.
Product: GNAT Box System Software version 3.6.2
Date: 31 March 2005
-------------------------------------------------------------------------
GNAT Box System Software version 3.6.2 includes updated versions of the
following GTA products and utilities:
GNAT Box System Software 3.6.2
GBAdmin 3.6.2
Release notes are located on the installation CD and on GTA's web site.
For more about upgrading related software, see individual product
release notes.
-------------------------------------------------------------------------
CONTENTS
Release Notes sections are categorized first by feature addressed, then
by the type of change.
1. INSTALL NOTES
2. BASIC CONFIGURATION
3. DNS PROXY OR DNS SERVICE
4. MAIL SENTINEL EMAIL PROXY SERVICE
5. WEB PROXY SERVICE
6. NETWORK TIME (NTP) SERVICE
7. ADMINISTRATION AND REPORTS
8. SYSTEM
9. GBADMIN
10. RELEASE NOTES HISTORY
-------------------------------------------------------------------------
1. INSTALL NOTES
1.1 Firewall Rebooting After Uploading a Configuration
When uploading a complete firewall configuration, updating an
H2A slave, or when performing Save All/Save Copy As in GBAdmin,
the firewall will now reboot to apply the new configuration.
GBSS3620002676, GBSS3620002669, GBSS3620002673
1.2 Entering New Mail Sentinel Subscription Activation Codes
Mail Sentinel Anti-Spam and Mail Sentinel Anti-Virus users
must enter new activation codes for the new version.
1.3 Upgrading Hard Drive GB-Ware Installations from 3.5.x to 3.6.2
When upgrading a hard drive GB-Ware firewall from version 3.5.x
to 3.6.2:
1. Back up the firewall configuration.
2. Reinstall the firewall software completely from the CD.
3. Restore the configuration.
The GB-Ware CD image (ISO-9660) is available for download from
GTA's Online Support Center
(https://www.gta.com/support/center/login/). Failure to reinstall
from CD may cause hard drive geometry errors that prevent the
upgrade.
1.4 SSL Certificate Replacement
Version 3.6.2 will install a new default security/SSL
certificate. Some browsers, including Netscape and Mozilla,
will not recognize the new certificate if the original has
never been replaced. If you are unable to log on to the
firewall after upgrading, delete the browser's cached security
certificate, then close and restart your browser before
reattempting remote access to your firewall.
2. BASIC CONFIGURATION
2.1 Bug Fixes
2.1.1 When entering activation codes on GB-Ware without the
USB key block and using certain types of motherboards,
the firewall no longer freezes.
GBSS3620002475
2.1.2 When uploading a PPP configuration without any default
configuration in place, the upload no longer fails.
GBSS3620002651, GBSS3620002676
2.1.3 When a PPP or PPPoE configuration is saved while traffic
is using the PPP/PPPoE interface, the firewall no longer
sometimes crashes.
GBSS3620002692
3. DNS PROXY OR DNS SERVICE
3.1 Feature Enhancement
3.1.1 When rebooting the firewall or saving the Dynamic DNS
configuration section, Dynamic DNS now attemtps to
force an update.
GBSS3620002631
3.1.2 named (DNS Server) has been updated to version 8.4.6.
GBSS3620002674
4. MAIL SENTINEL EMAIL PROXY SERVICE
4.1 Bug Fixes
4.1.1 Mail Sentinel Anti-Spam options on GB-Ware systems with
64 MB Compact Flash cards now work as intended.
GBSS3620002628
4.1.2 Mail Sentinel Anti-Virus options on GB-Ware systems with
an SIO runtime now work as intended.
GBSS3620002618
4.1.3 Mail Sentinel no longer exhausts available inodes on
some firewalls, causing the service to stop.
GBSS3620002636
4.1.4 Mail Sentinel, Mail Sentinel Anti-Spam and Mail Sentinel
Anti-Virus now check for DNS reconfigurations.
GBSS3620002675
4.1.5 When performing a quarantine action with an email address
whose DNS MX entry refers back to the firewall itself,
Mail Sentinel now connects directly to the IP address to
avoid a DNS-related email loop.
GBSS36220002678
5. WEB PROXY SERVICE
5.1 Bug Fixes
5.1.1 Mobile code blocking is no longer ignored.
GBSS3620002670
5.1.2 Surf Sentinel now checks for DNS reconfigurations.
GBSS3620002298
6. NETWORK TIME (NTP) SERVICE
6.1 New Features
6.1.1 Relationship with the NTP server can now be toggled
between server mode (the most common use) and peer mode.
GBSS3620002688
7. ADMINISTRATION AND REPORTS
7.1 New Features
7.1.1 Ping can now be performed through VPNs using the binding
interface option in the web interface.
GBSS3620001915
7.2 Bug Fixes
7.2.1 When uploading a complete firewall configuration or
using Save All in GBAdmin, static address mappings no
longer fail.
GBSS3620002643, GBSS3620002676
7.2.1 When viewing a Configuration Report for a static route
that uses dynamic gateways or interface object, the
gateway's object name (if any) now displays as intended.
GBSS3620002697
7.2.1 When viewing a Configuration Report, local/remote IP
addresses for PPP connections no longer show an incorrect
third IP address between the initial and negotiated
address.
GBSS3620002699
8. SYSTEM
8.1 New Features
8.1.1 Support for inbound TCP connection SYN validation cookies
and SYN flood logging added.
GBSS3620002634, GBSS3620002626
8.1.2 Extended passive FTP (RFC 2428) is now supported.
GBSS3620000093
8.2 Feature Enhancements
8.2.1 Protection for an additional variant of the FTP bounce
attack was added.
GBSS3620002620
8.2.2 When operating in stealth mode, the firewall now allows
pings on the PSN interface.
GBSS3620002187
8.3 Bug Fixes
8.3.1 The ARP table is now appended only for accepted
connections.
GBSS3620001345
8.3.2 When verifying the sender and sequence of resent TCP SYN
packets, retransmission is no longer incorrectly
blocked, resulting in inappropriately dropped
connections.
GBSS3620002700
8.3.3 When handling FTP connections where the firewall has
operated on a packet but the host has not acknowledged
reception, the FTP connection no longer hangs.
GBSS3620002706
9. GBADMIN
9.1 Bug Fixes
9.1.1 When editing an object in GBAdmin, objects can no
longer replace the ANY_IP object in the list, causing it
to become editable and causing the edited object to
become unmodifiable.
GBAD3620002509
9.1.2 When viewing a bridged interface configuration report
in GBAdmin, the label text now displays correctly.
GBAD3620002663
9.1.3 When editing mobile code or unknown HTTP command
blocking for the HTTP proxy in GBAdmin, incorrect ACL
information no longer loads.
GBAD3620002672
9.1.4 When creating an empty address object and deleting it,
subsequent address objects in the list are no longer
corrupted.
GBAD3620002658
9.1.5 The GB-Commander configuration section now uses the
intended label "Pre-shared Secret" instead of "Password".
GBAD3620002717
10. RELEASE NOTES HISTORY
10.1 Previous Release Notes
These notes cover the 3.6.2 release of GNAT Box System
Software. Release notes for previous versions can be found at
GTA's web site, www.gta.com.
-------------------------------------------------------------------------
Global Technology Associates, Inc.
3525 Lake Lynda Drive, Suite 109
Orlando, Florida 32817
www.gta.com
407.380.0220
------------------------------------------------------
To unsubscribe: [EMAIL PROTECTED]
For additional commands: [EMAIL PROTECTED]
Archive: http://archives.gnatbox.com/gb-users/
